Skip to content

feat: ignore supplied password for passwordless room servers #901

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: dev
Choose a base branch
from
Open

feat: ignore supplied password for passwordless room servers #901

wants to merge 1 commit into from

Conversation

@muesli
Copy link

@muesli muesli commented Oct 8, 2025
edited
Loading

If the password is intentionally left empty, we can assume the operator wants this room server to be public. In such cases it's less frustrating for users to simply accept any password.

A neater solution might be introducing a separate build flag that explicitly enables password-less public room servers, but the downside is that it requires a separate firmware image or custom build, whereas this solution works for any room server that's already configured without a password. We could think about adding a special case for the "hello" password as well.

Just thinking out loud: we could introduce a separate type indicator (chat, repeater, room, public room) for password-less servers that skips the login procedure altogether to further improve the user experience. Another alternative to that might be a quick status request that indicates if the room server is up and whether it requires authentication.

@muesli muesli changed the base branch from main to dev October 8, 2025 04:12
@muesli muesli force-pushed the passwordless-room branch from 9901602 to 6d65465 Compare October 8, 2025 04:12
@muesli muesli force-pushed the passwordless-room branch from 6d65465 to 1dba6cd Compare October 8, 2025 04:15
@DayleDrinkwater
Copy link

DayleDrinkwater commented Oct 8, 2025

This would break allow_read_only wouldn't it?

@muesli
Copy link
Author

muesli commented Oct 9, 2025

This would break allow_read_only wouldn't it?

It would change the behavior under one specific condition, but I don't think I would call it a breaking change.

Let's look at the different read-only scenarios for servers that have...

  1. no password & read-only disabled: read-only mode never gets enabled (as before)
  2. with password & read-only disabled: read-only mode never gets enabled (as before)
  3. with password & read-only enabled: read-only mode gets enabled if you specify an incorrect password (as before)

This leaves us with only the fourth option, which actually changes its behavior. When no password is set & read-only is enabled, the read-only mode now never gets enabled, because any password gets accepted. I'd argue this is still a positive change, as the previous behavior didn't provide any protection or a true "read-only" mode for guests. Specifying an empty password would still result in write access currently.

Appreciate a review! Am I overlooking something?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@muesli @DayleDrinkwater